Exam CRISC topic 1 question 675 discussion

Segmentation is the strongest control mentioned here

The best Answer is B.

B. Implement network segregation. While all the options mentioned are important for cybersecurity, implementing network segregation is often considered the best approach for preventing cyber intrusion. Network segregation, also known as network segmentation, involves dividing an organization's network into smaller, isolated segments or zones. Each segment has limited access to other segments, reducing the attack surface and preventing lateral movement by cyber attackers.

Agree it is D.

i think its D because By strengthening vulnerability remediation efforts, organizations can proactively identify and address vulnerabilities before they can be exploited by cyber attackers.

should be D

Segregation does not prevent intrusion, but rather minimizes the impact.

Vulnerabilities are the ones to be exploited for cyber intrusion

Of possible answers D makes the most sense, as it is the widest. Then, second choice would be B. A makes little sens (does not prevent intrusion, but might prevent harm to be made by intrusion), and C is reaction, not prevention.

I would rather prefer D as answer than B , network segmentation actual prevent intruders movement from one NW to other (data, mgt layers), but won't prevent intruders.

A is def wrong, I understand why you would choose B, but that won't prevent you from the intrusion, I believe D, fixing the vulnerabilities would make more sense since it will prevent intrusion. network segregation will limit lateral movements, but not prevent intrusion.

Answer is D

Establish a cyber response plan.

DLP tool doesn't prevent cyber intrusions. Not all cyber intrusions go after data, for example DDOS attack. Strengthening vulnerability is the correct answer.